Espionage attacks on companies are now commonplace – Thirteenth MELANI semi-annual report

Bern, 31.10.2011 - In the first half of 2011, the Reporting and Analysis Centre for Information Assurance (MELANI) detected higher numbers of espionage attacks on the most diverse range of companies worldwide. The number of hacker attacks aimed at accessing sensitive data also increased. There was a massive increase in skimming cases in Switzerland. These are some of the focus areas of the latest semi-annual report, which was published today.

The primary objective of almost all online criminal activities is to generate financial gains. The attackers frequently choose the direct route by means of phishing in order to access the necessary confidential data. They thereby exploit the victims' good faith and helpfulness by sending them e-mails with false sender addresses, for example, in order to elicit the data they want. For an example, the European Emissions Trading Registry became the victim of phishing attacks.

Daily espionage attacks

In general, the attacks are increasing rapidly, and it must be assumed that attempts are now made every day to enter corporate networks in order to spy on them. During the first half of 2011, some spectacular espionage attacks took place on the US NASDAQ stock exchange, France's Ministry of Finance and the US defence and technology company Lockheed Martin, for instance.

Increased activity on the part of cyber activists

Under the label "Anonymous", activists around the globe coordinate their demonstrations for a free Internet and against government control. Their method of attack consists of distributed denial-of-service attacks (DDoS attacks). These saturate websites with innumerable requests, such that they are rendered unavailable.

In contrast to Anonymous, the hacker collective Lulzsec aims to use its actions primarily to draw attention to security vulnerabilities and problems on the Internet. After successful attacks, the hacker collective publishes data, folder structures and information on the hacked systems.

Client data in the spotlight

In order to access databases, deface websites or infect them with malicious code, the corresponding web servers are usually hacked using stolen access data. In this regard, frequently visited websites are popular targets for attacks. The most prominent example was the attack last April on Sony, whereby the data of 80 million clients was stolen. Another victim of hacker attacks was the US security company RSA, where the primary focus was on confidential information.

In Switzerland, hackers managed to access the programme of the Montreux Jazz Festival on the web server, and publish it one day before the official press conference.

Surge in skimming cases

While skimming, i.e. spying on credit card data, has been a major problem abroad for a long time, MELANI saw a surge in Switzerland during the first half of 2011. While 135 manipulated cash machines were found in the whole of 2010, 225 were discovered already in the first four months of this year.The attackers are increasingly trying to manipulate not only cash machines, but also payment devices in supermarkets and ticket machines. The perpetrators frequently have themselves locked in overnight in order to mount the necessary devices. According to the police, almost all of the perpetrators are from Eastern Europe.

The MELANI semi-annual report 2011/1 is published at:

Address for enquiries

Max Klaus, Deputy Head of MELANI
Federal Strategy Unit for IT
031 323 45 07


Secretariat-General FDF

General Secretariat DDPS